Skip to main content
Pentaho Documentation

Configure LDAP for the DI Server

You must have a working directory server with an established configuration before continuing. Follow the instructions below to manually switch from Pentaho default security to LDAP security.

  1. Stop the DI Server.
  2. Change the securities.properties file located in /pentaho-solutions/system  folder from provider=jackrabbit to provider=ldap .
  3. Save and close the file, then edit the /pentaho-solutions/system/applicationContext-security-ldap.properties file and modify the localhost and password to match your configuration.
    contextSource.providerUrl=ldap\://localhost\:10389/ou\=system
    contextSource.password=secret
  4. Update adminRole and adminUser for your system, replacing adminRole with the administrator role that you have defined in your LDAP server, and replacing adminUser with the user name that has the administrator role assigned to it.
    adminRole=cn\=Administrator,ou\=roles
    adminUser=uid\=admin,ou\=users
  5. Delete these two folders from the /pentaho/server/data-integration-server/pentaho-solutions/system/jackrabbit/repository directory:
    • repository
    • workspaces
  6. Optional: for SNMP only, make sure you change the admin user and password in the /data-integration-server/pentaho-solutions/system/karaf/etc/pentaho.jms.cfg file to match your LDAP Admin user and password located in the repository.spring.properties file. 
  7. Restart the DI Server.

The DI Server is now configured to authenticate users against your directory server. The LDAP Properties reference article contains supplemental information for LDAP values.